diff --git a/.gitattributes b/.gitattributes
index 800e5a816563a51c7eeafbc5c0ecca07642f3383..7b62fb5202a3ae606d0ca6e5379575d004189c3c 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -376,6 +376,7 @@ tools/do_concolic.sh -text
 tools/do_idapro.sh -text
 tools/do_integertransform.sh -text
 tools/do_makepeasoupbinary.sh -text
+tools/do_manual_cover.sh -text
 tools/do_manualtests.sh -text
 tools/do_p1transform.sh -text
 tools/generate_exe.sh -text
@@ -383,6 +384,7 @@ tools/generate_io_baseline.sh -text
 tools/getlibs.sh -text
 tools/getsyms.sh -text
 tools/libc_functions.txt -text
+tools/manual_cover.sh -text
 tools/manual_test_import.sh -text
 tools/p1xform.filter.deprecated.sh -text
 tools/p1xform.pbed.deprecated.sh -text
diff --git a/tools/cover.sh b/tools/cover.sh
index 60d15e6f15d749eb8ad1190f9789168544e7428d..e2893c7298d8d6a1f2a792cae520d7ca2deb1598 100755
--- a/tools/cover.sh
+++ b/tools/cover.sh
@@ -11,9 +11,10 @@ FILTER_FILE=$4 # list of known functions to blacklist, e.g # outputs OUTPUT_COVERAGE_FILE=$5 # output file with coverage info per function OUTPUT_BLACKLIST_FILE=$6 # output file with list of functions to blacklist - # other -#CANDIDATE_FNS_PRE_FILTER=$P1_DIR/p1.candidates.prelibc + + +CANDIDATE_FNS_PRE_LIBC=`dirname $6`/p1.candidates.prelibc # # Prune out functions that do not have sufficient coverage
@@ -32,8 +33,8 @@ if [ ! -f $OUTPUT_COVERAGE_FILE ]; then return 1 fi -#grep -v "0\.0" $OUTPUT_COVERAGE_FILE | cut -f1 -d" " > $CANDIDATE_FNS_PRE_LIBC -grep "0\.0" $OUTPUT_COVERAGE_FILE | cut -f1 -d" " > $OUTPUT_BLACKLIST_FILE +grep -v "0\.000" $OUTPUT_COVERAGE_FILE | cut -f1 -d" " > $CANDIDATE_FNS_PRE_LIBC +grep "0\.000" $OUTPUT_COVERAGE_FILE | cut -f1 -d" " > $OUTPUT_BLACKLIST_FILE # Filter out functions that: # 1. are not sufficiently covered
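Review bot: The new `grep "0\.000"` / `grep -v "0\.000"` pair in tools/cover.sh (hunk at -32,8) matches that text anywhere on the line, so a value such as `10.000` or `0.0005`, or a function name that happens to contain it, is classified as uncovered and lands on the blacklist. That list is later passed to p1transform.exe (see the do_p1transform.sh hunk), so an over-broad match presumably changes which functions are transformed. Testing the coverage column itself is safer, for example `awk '$2 == 0 {print $1}' $OUTPUT_COVERAGE_FILE > $OUTPUT_BLACKLIST_FILE` if the ratio is the second field; the column layout is not visible here, so confirm it first. The script body starts and ends outside these hunks.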
@@ -41,6 +42,5 @@ grep "0\.0" $OUTPUT_COVERAGE_FILE | cut -f1 -d" " > $OUTPUT_BLACKLIST_FILE cat $FILTER_FILE >> $OUTPUT_BLACKLIST_FILE sort $OUTPUT_BLACKLIST_FILE | uniq > tmp.$$ mv tmp.$$ $OUTPUT_BLACKLIST_FILE -rm tmp.$$ return 0
diff --git a/tools/do_manual_cover.sh b/tools/do_manual_cover.sh
new file mode 100755
index 0000000000000000000000000000000000000000..0eeb39c3cde689dfd3f53afd5e023c35f2b7f84e
--- /dev/null
+++ b/tools/do_manual_cover.sh
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+#
+# Generate coverage information for each manual test
+# Aggregate all coverage into one final file
+#
+
+PEASOUP_DIR=`pwd`
+MANUAL_TEST_DIR=$PEASOUP_DIR/manual_tests
+COVER_SCRIPT=generate_cover_orig_cmd.sh
+AGGREGATE_COVERAGE=$PEASOUP_DIR/manual_coverage.txt # final output file
+
+ls $MANUAL_TEST_DIR/* >/dev/null 2>/dev/null
+if [ ! $? -eq 0 ]; then
+ echo "do_manual_cover.sh: error: no manual test specifications found -- exiting"
+ exit 1
+fi
+
+touch $AGGREGATE_COVERAGE
+
+for testname in `ls $MANUAL_TEST_DIR`
+do
+ echo "do moi: $MANUAL_TEST_DIR/$testname/spec/$COVER_SCRIPT"
+ $MANUAL_TEST_DIR/$testname/spec/$COVER_SCRIPT
+ cat $MANUAL_TEST_DIR/$testname/spec/coverage/executed_addresses.txt >> $AGGREGATE_COVERAGE
+done
+
+sort $AGGREGATE_COVERAGE | uniq > tmp.$$
+mv tmp.$$ $AGGREGATE_COVERAGE
+
+exit 0
diff --git a/tools/do_p1transform.sh b/tools/do_p1transform.sh
index 4dc3ae9cf03167eca1747bd105b70c095a3a2355..273f9324867b591342d111f4dc9780e2626dd200 100755
--- a/tools/do_p1transform.sh
+++ b/tools/do_p1transform.sh
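Review bot: The loop in the new tools/do_manual_cover.sh runs every `spec/generate_cover_orig_cmd.sh` under `manual_tests` in the current directory and appends `executed_addresses.txt` without checking that the script exists or succeeded, so a failed run silently merges a missing or left-over trace. Iterating over unquoted `ls` output also splits test names that contain whitespace. `manual_coverage.txt` is only ever appended to, so addresses from an earlier run survive, and the dedup goes through a predictable `tmp.$$` in the working directory. The sketch below globs the spec directories, checks each script's status, starts from an empty aggregate and lets `sort -u -o` rewrite the file in place. The status it checks is that of the last command in manual_cover.sh.

```shell
# … unchanged: variable setup and the "no manual test specifications" check …

: > "$AGGREGATE_COVERAGE"    # start empty so an earlier run's addresses are not carried over

for spec_dir in "$MANUAL_TEST_DIR"/*/spec
do
	[ -x "$spec_dir/$COVER_SCRIPT" ] || continue
	if ! "$spec_dir/$COVER_SCRIPT"; then
		echo "do_manual_cover.sh: warning: $spec_dir/$COVER_SCRIPT failed -- coverage skipped" >&2
		continue
	fi
	cat "$spec_dir/coverage/executed_addresses.txt" >> "$AGGREGATE_COVERAGE"
done

sort -u -o "$AGGREGATE_COVERAGE" "$AGGREGATE_COVERAGE"
```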
@@ -16,13 +16,24 @@ echo "P1: transforming binary: cloneid=$CLONE_ID bed_script=$BED_SCRIPT" # configuration variables P1_DIR=p1.xform EXECUTED_ADDRESSES=concolic.files_a.stratafied_0001/executed_address_list.txt +EXECUTED_ADDRESSES_MANUAL=manual_coverage.txt +EXECUTED_ADDRESSES_FINAL=final.coverage.txt LIBC_FILTER=$PEASOUP_HOME/tools/libc_functions.txt BLACK_LIST=$P1_DIR/p1.filtered_out # list of functions to blacklist COVERAGE_FILE=$P1_DIR/p1.coverage mkdir $P1_DIR -$PEASOUP_HOME/tools/cover.sh $ORIGINAL_BINARY $MEDS_ANNOTATION_FILE $EXECUTED_ADDRESSES $LIBC_FILTER $COVERAGE_FILE $BLACK_LIST +# generate coverage info for manually-specified tests +$PEASOUP_HOME/tools/do_manual_cover.sh + +# merge all execution traces +touch $EXECUTED_ADDRESSES_FINAL +cat $EXECUTED_ADDRESSES_MANUAL >> $EXECUTED_ADDRESSES_FINAL +cat $EXECUTED_ADDRESSES >> $EXECUTED_ADDRESSES_FINAL + +$PEASOUP_HOME/tools/cover.sh $ORIGINAL_BINARY $MEDS_ANNOTATION_FILE $EXECUTED_ADDRESSES_FINAL $LIBC_FILTER $COVERAGE_FILE $BLACK_LIST + if [ $? -eq 0 ]; then if [ -f $COVERAGE_FILE ]; then echo "P1: issuing command: $SECURITY_TRANSFORMS_HOME/tools/transforms/p1transform.exe $cloneid $BLACK_LIST"
diff --git a/tools/manual_cover.sh b/tools/manual_cover.sh
new file mode 100755
index 0000000000000000000000000000000000000000..7f54078484e7ed3aed160975e52bac133f5fe65f
--- /dev/null
+++ b/tools/manual_cover.sh
@@ -0,0 +1,22 @@
+# Coverage tool for manual tests
+#
+# Usage:
+# manual_cover.sh <coverageOutputFile> -- cmd arg1 .. argn
+#
+# Example:
+# manual_cover.sh test1.executed_addresses.txt -- ls -lt .
+
+# If you don't have a coverage tool: uncomment below
+# exit 1
+
+# Otherwise, compute coverage below
+OUTPUT_FILE=$1
+shift
+shift
+
+FULL_COMMAND=$*
+
+# We use pin for extracting coverage info
+$PEASOUP_HOME/tools/pin/pin -t $PEASOUP_HOME/tools/pin/itraceunique.so -- $FULL_COMMAND
+
+cat itrace.out | grep -v eof > $OUTPUT_FILE
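Review bot: The merge step added to tools/do_p1transform.sh only ever appends: `touch $EXECUTED_ADDRESSES_FINAL` followed by two `cat ... >>` keeps addresses from any previous run in `final.coverage.txt`, and cover.sh would then presumably count functions as covered that the current tests never reached. The exit status of `do_manual_cover.sh` is also ignored, although that script exits 1 when no manual tests exist, in which case `manual_coverage.txt` may be absent. Truncate instead of touching, `: > $EXECUTED_ADDRESSES_FINAL`, and guard each input, e.g. `[ -f $EXECUTED_ADDRESSES_MANUAL ] && cat $EXECUTED_ADDRESSES_MANUAL >> $EXECUTED_ADDRESSES_FINAL`. The surrounding script starts and ends outside the hunk.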
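Review bot: In the new tools/manual_cover.sh nothing removes `itrace.out` before pin runs and pin's status is not checked, so when pin fails the final `cat itrace.out | grep -v eof` copies whatever trace an earlier test left in the directory into this test's coverage file. Add `rm -f itrace.out` before the pin line and `|| exit 1` at the end of it. `FULL_COMMAND=$*` flattens the arguments, so any argument containing whitespace or a glob character is re-split; after the two `shift`s the pin line can pass `"$@"` directly. The file also has no `#!` line even though it is added with mode 100755.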
diff --git a/tools/manual_test_import.sh b/tools/manual_test_import.sh
index 89f8801f2ef01a3201b4d71ef4fe95708d3e8ddf..491c6399cb16b7f2468c84697b85674300230b0b 100755
--- a/tools/manual_test_import.sh
+++ b/tools/manual_test_import.sh
@@ -17,7 +17,7 @@ INFILES="" OUTFILES="" -NAME="" +TEST_NAME="" while [ $# -gt 0 ] do case "$1" in
@@ -25,13 +25,13 @@ do "--prog") PROG=$2; shift;; "--infile") INFILES="$2 $INFILES"; shift;; "--outfile") OUTFILES="$2 $OUTFILES"; shift;; - "--name") NAME=$2; shift;; + "--name") TEST_NAME=$2; shift;; *) break;; esac shift done -echo "NAME = $NAME" +echo "TEST_NAME = $TEST_NAME" echo "INFILES = $INFILES" echo "OUTFILES = $OUTFILES" echo "PROG = $PROG"
@@ -51,14 +51,18 @@ echo "CMD = $CMD" # setup test directory PWD=`pwd` -if [ -z $NAME ]; then +if [ -z $TEST_NAME ]; then TEST_DIR=${PWD}/manual_tests/test.$$ + TEST_NAME=test.$$ else - TEST_DIR=${PWD}/manual_tests/$NAME + TEST_DIR=${PWD}/manual_tests/$TEST_NAME fi TEST_SPEC_DIR=${TEST_DIR}/spec SPEC_INPUT_DIR=$TEST_SPEC_DIR/input SPEC_OUTPUT_DIR=$TEST_SPEC_DIR/output +TEST_ORIG_COVERAGE=$TEST_SPEC_DIR/coverage +TEST_ORIG_CMD_SCRIPT=$TEST_SPEC_DIR/generate_cover_orig_cmd.sh + TEST_DIR_XFORMED=$TEST_DIR/transformed TEST_XFORMED_CMD_SCRIPT=$TEST_DIR_XFORMED/test_new_cmd.sh TEST_XFORMED_OUTPUT_DIR=$TEST_DIR_XFORMED/output
@@ -66,6 +70,7 @@ TEST_XFORMED_OUTPUT_DIR=$TEST_DIR_XFORMED/output mkdir -p $SPEC_INPUT_DIR mkdir -p $SPEC_OUTPUT_DIR mkdir -p $TEST_XFORMED_OUTPUT_DIR +mkdir -p $TEST_ORIG_COVERAGE # copy input files for i in $INFILES
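Review bot: `TEST_NAME` comes straight from `--name` and is pasted into `TEST_DIR=${PWD}/manual_tests/$TEST_NAME` (hunk at -51,14), so a value containing `/` or `..` places the test directory, including the script that do_manual_cover.sh later executes, outside `manual_tests`. `[ -z $TEST_NAME ]` is also unquoted and errors on a name containing whitespace. A guard before the `if` covers both: `case "$TEST_NAME" in */*|*..*|*[[:space:]]*) echo "invalid --name" >&2; exit 1;; esac`, together with `[ -z "$TEST_NAME" ]`. The rest of the script lies outside these hunks.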
@@ -79,6 +84,35 @@ do cp $i $SPEC_OUTPUT_DIR done +#--------------------------------------- +# Original cmd/program +#--------------------------------------- +# +# create script to run original command with coverage info +# + +touch $TEST_ORIG_CMD_SCRIPT + +# cleanup input/output files +for i in $INFILES +do + echo " rm $i 2>/dev/null" >> $TEST_ORIG_CMD_SCRIPT +done + +for i in $OUTFILES +do + echo " rm $i 2>/dev/null" >> $TEST_ORIG_CMD_SCRIPT + echo " rm $TEST_ORIG_OUTPUT_DIR/$i 2>/dev/null" >> $TEST_ORIG_CMD_SCRIPT +done + +# stage in input (if any) +for i in $INFILES +do + echo " cp $SPEC_INPUT_DIR/$i ." >> $TEST_ORIG_CMD_SCRIPT +done + +echo "\$PEASOUP_HOME/tools/manual_cover.sh $TEST_ORIG_COVERAGE/executed_addresses.txt -- $CMD" >> $TEST_ORIG_CMD_SCRIPT + #--------------------------------------- # Transformed cmd/program #---------------------------------------
@@ -123,4 +157,5 @@ chmod +x $TEST_XFORMED_CMD_SCRIPT cp $PEASOUP_HOME/tools/run_stratafied.tmpl.sh $TEST_DIR_XFORMED/$PROG chmod +x $TEST_DIR_XFORMED/$PROG +chmod +x $TEST_ORIG_CMD_SCRIPT
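Review bot: `$TEST_ORIG_OUTPUT_DIR` is used in `echo " rm $TEST_ORIG_OUTPUT_DIR/$i 2>/dev/null"` but is not assigned in any visible hunk (the new variables are `TEST_ORIG_COVERAGE` and `TEST_ORIG_CMD_SCRIPT`); if it is unset in the rest of the file too, the generated script contains `rm /<outfile>`, a delete at the filesystem root. Assign it next to the other `TEST_ORIG_*` variables or drop that line. The script is built with `touch` plus `>>`, so importing the same `--name` twice appends a second copy of every command; start it with `echo '#!/bin/sh' > $TEST_ORIG_CMD_SCRIPT` instead. File names and `$CMD` are written into the generated script unquoted, so shell metacharacters in them become commands when do_manual_cover.sh runs it.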